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Title: METHOD AND SYSTEM TO PROVIDE SECURE KEY SELECTION USING A SECURE DEVICE IN A WATERCRYPTING 
ENVIRONMENT 

IN THE CLAIMS 

Please amend the claims as follows: 

1 . (Currently Amended) A computerized method to provide secure key selection 
comprising: 

transmitting a license from a server to a secure device for storage, the license containing a 
product key of a watercrypted content and a client identifier to a secure device for storage ; 

transmitting via an electronic network an entitlement control message containing a 
plurality of content keys associated with said watercrypted content to said secure device, together 
with a request to provide a session content key from said plurality of content keys, said session 
content key to be used to decrypt said watercrypted content; and 

receiving said session content key from said secure device in response to said request. 

2. (Original) The method according to claim 1, wherein said license is encrypted with a 
public key of said secure device to allow said secure device to access said license. 

3. (Original) The method according to claim 1, wherein said license is encrypted with a 
secret key of said secure device to allow said secure device to access said license. 

4. (Original) The method according to claim 1, further comprising: 
establishing a secure channel to communicate securely with said secure device. 

5. (Original) The method according to claim 4, wherein said establishing further comprises: 
encrypting a transport key with a personal public key; and 

transmitting said transport key to said secure device. 

6. (Original) The method according to claim 5, wherein said receiving further comprises: 
receiving said session content key encrypted with said transport key; and 

decrypting said session content key to be used in decrypting said watercrypted content. 
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7. (Original) The method according to claim 1, wherein said secure device is a smart card 
device. 

8. (Original) The method according to claim 1, further comprising receiving said license 
from a content server which distributed said watercrypted content. 

9. (Original) The method according to claim 1, further comprising receiving said license 
from an entity connected to a content server which distributed said watercrypted content, said 
entity storing said client identifier and being configured to encrypt said product key with a public 
key of said secure device. 

10. (Original) The method according to claim 1, further comprising receiving said 
entitlement control message from a content server which distributed said watercrypted content. 

1 1 . (Currently Amended) A computerized method to provide secure key selection 
comprising: 

electronically storing a license containing a product key of a watercrypted content and a 
client identifier from a decoder; 

receiving via an electronic network a n entitlement control message containing a plurality 
of content keys associated with said watercrypted content from said decoder, together with a 
request to provide a session content key from said plurality of content keys, said session content 
key to be used to decrypt said watercrypted content; 

selecting said session content key using said product key and said client identifier from 
said license; and 

transmitting said session content key to said decoder in response to said request. 

12. (Original) The method according to claim 11, wherein said license is encrypted with a 
personal public key to allow access to said license. 
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13. (Original) The method according to claim 12, farther comprising decrypting said license 
using said personal public key. 



14. (Original) The method according to claim 11, wherein said selecting farther comprises; 
receiving a transport key encrypted with a public key of said decoder; and 
encrypting said session content key with said transport key. 

15. (Original) The method according to claim 14, wherein said transmitting farther comprises 
transmitting said session content key encrypted with said transport key to said decoder. 

16. (Currently Amended) An -Electronic apparatus to provide secure key selection 
comprising: 

means for transmitting a license from a server to a secure device for storage, the license 
containing a product key of a watercrypted content and a client identifier to a secure device for 
storage ; 

means for transmitting via an electronic network an entitlement control message 
containing a plurality of content keys associated with said watercrypted content to said secure 
device, together with a request to provide a session content key from said plurality of content 
keys, said session content key to be used to decrypt said watercrypted content; and 

means for receiving said session content key from said secure device in response to said 
request. 

17. (Original) The apparatus according to claim 16, wherein said license is encrypted with a 
public key of said secure device to allow said secure device to access said license. 

18. (Original) The apparatus according to claim 16, wherein said license is encrypted with a 
secret key of said secure device to allow said secure device to access said license. 
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19. (Original) The apparatus according to claim 16, further comprising: 

means for establishing a secure channel to communicate securely with said secure device. 

20. (Original) The apparatus according to claim 19, further comprising: 
means for encrypting a transport key with a personal public key; and 
means for transmitting said transport key to said secure device. 

21. (Original) The apparatus according to claim 20, further comprising: 

means for receiving said session content key encrypted with said transport key; and 
means for decrypting said session content key to be used in decrypting said watercrypted 
content. 

22. (Original) The apparatus according to claim 16, wherein said secure device is a smart 
card device. 

23. (Original) The apparatus according to claim 16, further comprising means for receiving 
said license from a content server which distributed said watercrypted content. 

24. (Original) The apparatus according to claim 16, further comprising means for receiving 
said license from an entity connected to a content server which distributed said watercrypted 
content, said entity storing said client identifier and being configured to encrypt said product key 
with a public key of said secure device. 

25. (Original) The apparatus according to claim 16, further comprising means for receiving said 
entitlement control message from a content server which distributed said watercrypted content. 
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26. (Currently Amended) An Electronic apparatus to provide secure key selection 
comprising: 

means for electronically storing a license containing a product key of a watercrypted 
content and a client identifier from a decoder; 

means for receiving via an electronic network an entitlement control message containing 
a plurality of content keys associated with said watercrypted content from said decoder, together 
with a request to provide a session content key from said plurality of content keys, said session 
content key to be used to decrypt said watercrypted content; 

means for selecting said session content key using said product key and said client 
identifier from said license; and 

means for transmitting said session content key to said decoder in response to said 
request. 

27. (Original) The apparatus according to claim 26, wherein said license is encrypted with a 
personal public key to allow access to said license. 

28. (Original) The apparatus according to claim 27, further comprising means for decrypting 
said license using said personal public key. 

29. (Original) The apparatus according to claim 26, further comprising: 

means for receiving a transport key encrypted with a public key of said decoder; and 
means for encrypting said session content key with said transport key. 

30. (Original) The apparatus according to claim 29, further comprising means for 
transmitting said session content key encrypted with said transport key to said decoder. 

31. (Currently Amended) A computer readable medium containing executable instructions, 
which, when executed in a processing system, cause said processing system to perform a method 
to provide secure key selection comprising: 
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transmitting a license from a server to a secure device for storage, the license containing a 
product key of a watercrypted content and a client identifier to a secure d e vice for storag e; 

transmitting via an electronic network an entitlement control message containing a 
plurality of content keys associated with said watercrypted content to said secure device, together 
with a request to provide a session content key from said plurality of content keys, said session 
content key to be used to decrypt said watercrypted content; and 

receiving said session content key from said secure device in response to said request. 

32. (Currently Amended) A computer readable medium containing executable instructions, 
which, when executed in a processing system, cause said processing system to perform a method 
to provide secure key selection comprising: 

electronically storing a license containing a product key of a watercrypted content and a 
client identifier from a decoder; 

receiving via an electronic network an entitlement control message containing a plurality 
of content keys associated with said watercrypted content from said decoder, together with a 
request to provide a session content key from said plurality of content keys, said session content 
key to be used to decrypt said watercrypted content; 

selecting said session content key using said product key and said client identifier from 
said license; and 

transmitting said session content key to said decoder in response to said request. 

33. (Currently Amended) An Electronic apparatus to provide secure key selection 
comprising: 

a decoder; and 

a secure device coupled to said decoder to store a license sent from said decoder, said license 
containing a product key of a watercrypted content and a client identifier, to receive via an 
electronic network an entitlement control message containing a plurality of content keys 
associated with said watercrypted content from said decoder, together with a request to provide a 
session content key from said plurality of content keys, said session content key to be used to 
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decrypt said watercrypted content, to select said session content key using said product key and 
said client identifier from said license, and to transmit said session content key to said decoder in 
response to said request. 

34. (Original) The apparatus according to claim 33, wherein said license is encrypted with a 
public key of said secure device to allow said secure device to access said license. 

35. (Original) The apparatus according to claim 33, wherein said license is encrypted with a 
secret key of said secure device to allow said secure device to access said license. 

36. (Original) The apparatus according to claim 33, wherein said decoder further establishes 
a secure channel to communicate securely with said secure device. 

37. (Original) The apparatus according to claim 36, wherein, in establishing said secure 
channel, said decoder further encrypts a transport key with a decoder public key and transmits 
said transport key to said secure device. 

38. (Original) The apparatus according to claim 37, wherein said decoder further receives 
said session content key encrypted with said transport key and decrypts said session content key 
to be used in decrypting said watercrypted content. 

39. (Original) The apparatus according to claim 33, wherein said secure device is a smart 
card device. 

40. (Original) The apparatus according to claim 33, wherein said decoder further receives 
said license from a content server, which distributed said watercrypted content. 

41. (Original) The apparatus according to claim 33, wherein said decoder further receives said 
license from an entity connected to a content server which distributed said watercrypted 
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content, said entity storing said client identifier and being configured to encrypt said product key 
with a public key of said secure device. 

42. (Original) The apparatus according to claim 33, wherein said decoder further receives 
said entitlement control message from a content server, which distributed said watercrypted 
content. 

43. (Original) The apparatus according to claim 34, wherein said secure device further 
decrypts said license using said public key. 

44. (Original) The apparatus according to claim 33, wherein said secure device further 
receives a transport key encrypted with a decoder public key of said decoder and encrypts said 
session content key with said transport key. 

45. (Original) The apparatus according to claim 44, wherein said secure device further 
transmits said session content key encrypted with said transport key to said decoder. 



